ModSecurity

ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks against web apps. It tracks the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success many times sets off one rule, sending a request to execute a particular file that may result in getting access to the Internet site triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it'll preserve even scripts which aren't updated often as it can prevent attackers from using known exploits and security holes. Quite comprehensive info about each and every intrusion attempt is recorded and the logs the firewall maintains are much more specific than the standard logs created by the Apache server, so you could later take a look at them and determine if you need to take additional measures in order to boost the security of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting solutions that we supply and it will be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and disable it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your sites will contain comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones we get from a third-party security company and custom ones our system admins include in case that they detect a new kind of attacks. That way, the sites that you host here shall be much more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program which you install inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall won't stop anything, but it shall still maintain an archive of possible attacks. This takes only a click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the machine, so there shall not be anything special which you shall have to do to protect your Internet sites. It will take you only a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You'll be able to view the logs created in active or passive mode via the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall employed to take care of it, and so forth. We employ a mix of commercial and custom rules so as to make certain that ModSecurity shall prevent as many threats as possible, consequently increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In case that a web app doesn't operate correctly, you can either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity shall keep a log of any possible attack which might take place, but shall not take any action to prevent it. The logs generated in passive or active mode shall present you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so on. This data will enable you to choose what steps you can take to enhance the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial package from a third-party security enterprise we work with, but sometimes our administrators include their own rules as well in case they find a new potential threat.